For Incident Managers
A break-glass coordination surface for the moments when Slack is flaky, the vault is unreachable, and the on-call you paged is not responding. Pre-incident playbooks, in-incident war room, post-incident disclosure — one platform, audit-grade.
When an incident escalates, you are juggling Slack threads, phone calls, shared docs, password vaults, and an outdated wiki — and any of them might be part of the outage. Contact lists are stale. Escalation paths are improvised. The board, regulators, and customers each want a clean timeline, and you do not have one yet because you have been holding the response together with screen-sharing and sticky notes.
Every capability has a defined moment in the incident lifecycle. Each card pairs the operational pressure with the concrete tool.
When the primary on-call does not answer, every minute spent figuring out "who next?" is a minute the incident is unmanaged. The escalation order has to be defined before, not improvised at 03:00.
Per-team escalation chains with timeout + retry policy. SMS, email, and push delivery in parallel. Acknowledgement tracking shows who has actually seen the page.
Crisis-time decision-making degrades. Playbooks must be runnable as concrete steps — not paragraphs of prose nobody reads under stress.
Structured incident documents with checkable steps, per-step approvals, and the secret / key references the step requires. Runs are auditable end-to-end.
Vendor account managers, legal counsel, board liaisons, regulator contacts, suppliers, insurance — the people you need to reach during an incident are scattered across CRM systems, personal phones, and stale spreadsheets.
End-to-end encrypted contact records, per-team and per-jurisdiction tagged, with blind-indexed search. Survives outages of the primary CRM.
Plans you have never executed are not plans. Regulators (DORA, FCA / PRA, APRA, MAS) increasingly expect documented exercise evidence.
Run a playbook in simulation mode — no real notifications, full audit trail of the steps a real run would have taken. The artefact you hand to the auditor.
A coordinated channel where every approval, every status update, and every decision is captured — without depending on Slack or Teams being up.
End-to-end encrypted per-conversation keys, message delivery via the Glassbreak mesh (independent of your corporate Slack), full transcript exportable.
Production passwords, root admin accounts, DR site keys, certificate authority access — locked away normally, needed instantly under quorum during the worst moments.
Shamir-split team secrets (T-of-N where T ≥ 2). Approver decrypts share locally, re-encrypts for the requester. The platform never holds a usable key.
During an outage, one channel is rarely enough. SMS, email, push, voice fallback — and a record of who got which.
Multi-channel emergency message broadcast with delivery receipts. Per-recipient acknowledgement tokens. Encrypted payloads end-to-end.
Who is the current incident commander? Which subsystem are they working on? Where in the playbook are we? Without a single view, parallel work duplicates.
Live status board: current commander, active step in each playbook run, owner per workstream, time since last update. Updates persist across vertical failover.
Every regulator now wants a defensible timeline within hours, not days. SEC 8-K (4 business days), GDPR (72 hours), MAS, APRA, DORA all measure time from "knew" not "investigated".
Every action — detection, escalation, approval, access grant, message sent — logged with cryptographic integrity. Exportable as PDF or JSON for the disclosure.
Post-incident reviews drift unless the structure forces honest reflection on what worked, what did not, and what changes for next time.
Template-driven review documents linked to the original incident timeline. Action items tracked as their own assignments with owners and due dates.
Multi-jurisdiction firms have to notify several supervisors in parallel within different windows. Coordinating those notifications without leaks or contradictions is itself a workflow.
Disclosure workspace: contact lists by jurisdiction, message templates per regulator, send-time logging. One coherent set of facts, multiple targeted notifications.
Tools built for sunny-day use fail on the rainy day. Glassbreak is designed for the rainy day from the architecture down.
Glassbreak operates on its own independent verticals (AWS + Scaleway, with Fly.io planned). A primary-stack outage does not take your incident command surface with it.
Secrets, contacts, and messages are AES-256 encrypted on-device before transmission. Glassbreak cannot read any of it — and neither can a compromised provider.
The incident manager view is the same view used in rehearsals. Muscle memory from monthly tabletops carries directly into the real event.
Every approval, every grant, every message recorded with who / what / when / why. The post-mortem writes itself, and the regulator gets the same facts you do.
Not a replacement for paging tools — a parallel break-glass surface. When PagerDuty is degraded, call trees + escalation here still page out via SMS / email / push.
The Fastly-fronted api.glassbreak.io routes to whichever vertical is healthy; if one is down, traffic continues to the other. Your team sees one URL.
Free tier covers one team and five members — enough to load your playbooks, define a call tree, and run a tabletop simulation before committing your real incident programme.
Get product updates and security insights. No spam, unsubscribe anytime.
We respect your privacy. See our privacy policy.
